Ultimate Software continues to invest in a modern, vibrantly growing technology portfolio. The Security Architecture team contributes to the Global Security and Ultimate Software missions by building and maintaining solid mutual beneficial partnerships with all areas of the business. We are strong believers of security as a business enabler, hence, to achieve this level of partnership, we strive to provide responsive, easy to maintain cost effective security solutions. We are a highly versatile and technical team, gleaning from network engineering, developers, application security, software architecture, and Third-Party/Partner reviews.
Here at Ultimate Software, we truly put our people first. We strongly believe in teamwork, and we encourage and trust our people to reach higher, learn more, and live up to their potential. Ultimate is ranked #1 on Fortune’s Best Places to Work in Technology for 2020 and #2 on the 100 Best Companies to Work For list in 2020. Ultimate is also ranked #2 on Fortune’s 75 Best Workplaces for Women and #9 on its Best Workplaces for Diversity list. Learn more about US here: www.ultimatesoftware.com/careers
Primary/Essential Duties and Key Responsibilities:
Evaluate solutions, architectures and processes to assess risk
Identify solutions to remediate risk
Evaluate Third Party Assessments; Partners security postures and adherence to Ultimate Software standards.
Participate in and drive technology projects
Develop software frameworks both for internal and external consumption
Push for security software development lifecycle – including thread models and code reviews
Serve as expert advisor for security related questions, lead meetings as needed.
Threat Modeling, Risk Analysis, Design and/or Architecture Reviews
Perform Source Code Reviews
Deep dive into the code to understand what is happening or validate if controls were implemented appropriately.
Design technical solutions to mitigate or eliminate security vulnerabilities
Review network architectures and operation system security settings
10 years of relevant work experience
Security Monitoring and Intrusion
Incident Response and Forensics
Hard Core Development Skills
Subject matter messaging expert with extensive, well-rounded background in a diverse set of Authentication (Identity management, MFA/2FA)
Applied Cryptography (PKI, Appropriate usage of Cryptographic Primitives, Digital Signatures, HASHing, HMACs)
Authorization (claims, RBAC, fine grained, coarse grained, XACML, OAUTH, SAML)
Web Services Security (WS-Security, Oauth, JWT)
Static Source Code Review Tools(e.g. Fortify, Appscan Source, Contrast, etc).
Network Design Concepts (TCP/IP, Routing, Switching)
Operation System Hardening (Window Server, Linux)
Application Service Hardening (CIS, NSA/DOD STIGs)
Coding experience in one or more general languages
Mobile App development experience a plus
GIAC Certified UNIX Security Administrator (GCUX)
Certified Security Software Lifecycle Professional (CSSLP)
Certified Information Systems Security Professional (CISSP)
BA or BS in information security, engineering, computer science, or related areas. A Master’s degree in an IT field is a plus, and a Master’s in cybersecurity is an even bigger plus.
To apply for this job please visit recruiting.ultipro.com.